--- a/mod_http_oauth2/mod_http_oauth2.lua Mon Apr 10 10:44:23 2023 +0200
+++ b/mod_http_oauth2/mod_http_oauth2.lua Mon Apr 10 10:47:51 2023 +0200
@@ -750,10 +750,12 @@
local request = event.request;
local credentials = get_request_credentials(request);
if not credentials or not credentials.bearer_token then
+ module:log("debug", "Missing credentials for UserInfo endpoint: %q", credentials)
return 401;
end
- local token_info = tokens.get_token_info(credentials.bearer_token);
+ local token_info,err = tokens.get_token_info(credentials.bearer_token);
if not token_info then
+ module:log("debug", "UserInfo query failed token validation: %s", err)
return 403;
end
-- TODO check that they actually have access to the userinfo endpoint, aka